CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2 days ago•3 views

CVE-2026-47989

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

Vulnrichment•added 2 days ago•4 views

CVE-2025-8444 Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates <= 2.6.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Parameters

The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the multiple parameters in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. Th...

6.4CVSS5.7AI score0.00029EPSS

EUVD•added 3 days ago•6 views

EUVD-2026-35608

NVD•added 3 days ago•4 views

CVE-2026-48271

NVD•added 3 days ago•3 views

CVE-2026-48251

NVD•added 3 days ago•3 views

CVE-2026-47946

CVE•added 3 days ago•8 views

CVE-2026-48280

Adobe Experience Manager (AEM) is affected by a DOM-based Cross-Site Scripting (XSS) vulnerability in versions 6.5.24, LTS SP1, 2026.04 and earlier. The issue allows an attacker to cause malicious JavaScript to run in a victim’s browser by manipulating the DOM; exploitation requires user interact...

Exploits0References1Affected Software1

Cvelist•added 3 days ago•22 views

CVE-2026-34692 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS0.00029EPSS

Vulnrichment•added 3 days ago•4 views

CVE-2026-47946 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Vulnrichment•added 3 days ago•3 views

CVE-2026-48265 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Cvelist•added 3 days ago•29 views

CVE-2026-48250 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Positive Technologies•added 3 days ago•5 views

PT-2026-48090

RedhatCVE•added last week•6 views

CVE-2026-40212

OpenStack Skyline before 5.0.1, 6.0.0, and 7.0.0 has a DOM-based Cross-Site Scripting XSS vulnerability in the console because document.write is used unsafely, which is relevant in scenarios where administrators use the console web interface to view instance console logs...

5.4CVSS5.5AI score0.00012EPSS

Cvelist•added 2026/06/01 2:44 p.m.•24 views

CVE-2026-42683 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...

7.1CVSS0.00036EPSS

ATTACKERKB•added 2026/06/01 2:44 p.m.•7 views

CVE-2026-42683

EUVD•added 2026/06/01 2:43 p.m.•11 views

EUVD-2026-33652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6...

CNNVD•added 2026/06/01 12:0 a.m.•5 views

WordPress plugin GiveWP has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.6AI score0.00036EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•10 views

PT-2026-45465

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS. This issue affects GiveWP: from n/a through 4.14.5...

Vulnrichment•added 2026/05/27 9:49 a.m.•6 views

CVE-2026-42762 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows DOM-Based XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.9...